Information Security Manager job at Credit Bank
Website :
1064 Days Ago
Linkedid Twitter Share on facebook

Vacancy title:
Information Security Manager

[ Type: FULL TIME , Industry: Banking , Category: Computer & IT ]

Jobs at:

Credit Bank

Deadline of this Job:
28 January 2022  

Duty Station:
Within Kenya , Nairobi , East Africa

Summary
Date Posted: Tuesday, January 25, 2022 , Base Salary: Not Disclosed

Similar Jobs in Kenya
Learn more about Credit Bank
Credit Bank jobs in Kenya

JOB DETAILS:
Reports To: Chief Manager Risk And Compliance
Division: Head Office
Protecting Something Valuable

Job Purpose
Responsible for providing continuous independent assurance on the bank's Information Security as regards confidentiality, integrity and availability of the IT infrastructure, processing systems and related resources in line with the Information Security Policy.

Key Responsibilities
• Overseeing and implementing the bank’s cybersecurity program and enforcing the
• cybersecurity policy.
• Ensuring that the bank maintains a current enterprise-wide knowledge base of its users, devices, applications, and their relationships, including but not limited to:
• Software and hardware asset inventory,
• Network maps (including boundaries, traffic and data flow)
• Network utilization and performance data.
• Ensuring that information systems meet the needs of the Bank and the ICT strategy, in particular information system development strategies, comply with the overall business strategies, risk appetite and ICT risk management policies of the bank.
• Design cybersecurity controls with the consideration of users at all levels of the bank, including internal and external users.
• Ensure an updated risk register is in place in order to keep abreast of the latest risks facing information technology and ways to mitigate them.
• Organizing professional cyber related trainings to improve technical proficiency of staff members.
• Supervise the design and execution of a comprehensive cyber risk assessments, vulnerability assessments, penetration tests and security audits are conducted.
• Ensuring that adequate processes are in place for monitoring IT systems to detect
• cybersecurity events and incidents in a timely manner.
• Reporting to the Head of Risk & Compliance on an agreed intervals on detailed exceptions to the approved cybersecurity policies and procedures, assessment of the effectiveness of the approved cybersecurity programs, all material cybersecurity events that affects the bank during the period and assessment of the confidentiality, integrity and availability of the information systems in the bank.
• Ensuring timely update of the incident response mechanism and Business Continuity
• Plan (BCP) based on the latest cyber threat intelligence gathered.
• Incorporate the utilization of scenario analysis to consider a material cyber-attack, mitigating actions, and identify potential control gaps.
• Ensuring frequent data backups of critical IT systems are carried out.
• Ensuring the roles and responsibilities of managing cyber risks, including in emergency orcrisis decision-making, are clearly defined, documented, and communicated to relevant staff members.
• Continuously test disaster recovery and Business Continuity Plans (BCP) arrangements to ensure that the bank can continue to function and meet its regulatory obligations in the event of an unforeseen attack through cyber-crime.
• Ensure timely submission of Risk Control Self-Assessment (RCSA) exercise and all identified risks and gaps are followed up for mitigation.
• Ensure timely submissions of cyber security returns to the regulator.
• Ensure compliance to regulatory notices and guidelines.

Selection Criteria
• Degree in Information Security/Computer Forensics/Computer Science/Information Technology Information security certifications e.g., CISM, CISSP, CEH, GIAC, OSCP
• Demonstrate a good understanding of IT Security administrative operations and controls around Network, Operating Systems Applications and Databases
• Knowledge in System administration, Network Administration, Operating Systems administration (Linux and Windows) as this will be critical for the execution of risk assessments
• Possession of ISO 27001 or ISO 31000 certification is an added advantage
• At least 5 years’ experience in IT Security field
• Good communication and report writing skills required for preparation of Board Reports on Cybersecurity risks
• Team player and attention to detail

Work Hours: 8


Experience in Months: 60

Level of Education:
Bachelor Degree

Job application procedure
If you believe that you have the required qualifications and experience to fill in the above position, kindly send your detailed resume together with a cover letter to career@creditbank.co.ke to reach us by us by 28th January 2022.
*Only short listed candidates will be contacted.


All Jobs

QUICK ALERT SUBSCRIPTION

Job Info
Job Category: Computer/ IT jobs in Kenya
Job Type: Full-time
Deadline of this Job: 28 January 2022
Duty Station: Kenya
Posted: 25-01-2022
No of Jobs: 1
Start Publishing: 25-01-2022
Stop Publishing (Put date of 2030): 25-01-2065
Apply Now
Notification Board

Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.

Caution: Never Pay Money in a Recruitment Process.

Some smart scams can trick you into paying for Psychometric Tests.